Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Architecture

The SASE Conversation in 2022, a Resolution for the Future

SASE can be a game-changer to manage risk during the continuing journey to the cloud

SASE can be a game-changer to manage risk during the continuing journey to the cloud

In 2020 Gartner introduced Secure Access Service Edge (SASE), its security methodology for integrating network and security controls to ensure that users receive the correct, risk-based level of access to systems at any moment in time. SASE is gaining momentum and according to Gartner, more than 50 percent of organizations will have an adoption strategy by 2025. Security has become more important than ever for today’s business landscape.

Now, in 2022, I’m sure that many CISOs/CIOs have SASE as a business priority with pressure for a fast and successful implementation. But SASE cannot be simply completed using a tick on the New Year’s resolution list underneath ‘Veganuary’ and ‘Couchto5k.’ SASE is a multi-element end-to-end architecture. Some elements, such as Zero-Trust Network Access (ZTNA), are new for many organizations, but another, Cloud Access Security Broker (CASB), is mature technology and in daily use. Successful adoption of SASE will need time, resource investment and focus.

In an earlier article, Getting SASE without the Hyperbole, I discussed what SASE is and how it could be such a game-changer to manage risk during the continuing journey to the cloud. This emphasized the importance of user experience and ground-up design for success. The last thing any user needs is additional stress from a new security solution when workers are already dealing with continual switches between the office and home-based working (WFA).

[ Read: Vendor Survey vs Reality on SASE Implementation ]

In SASE conversations, I have heard concerns about the need for new technologies to support the adoption. Understandably, IT managers do not want to rip out existing investments and be obligated to deploy and train their teams on different technology. This does not have to be the case, because a well-designed SASE architecture will leverage existing solutions but improve on them with greater client-to-workload visibility, system assurance and single-policy management to give a cleaner, faster and more efficient experience.

What Should you Consider for SASE?

Technologists looking at SASE should be aware of the risk that they may fall into a comfort zone and consider solutions first, but with experience being an important business metric, the right place to start is by looking at SASE benefits which include:

Advertisement. Scroll to continue reading.

• Leverage existing solutions: Moving to SASE does not have to be a rip-and-replace. Recognize the investments already made in solutions and staff to manage your security, leverage the best of what you have today, work with vendors who offer a seamless move to cloud-based security and make the change at a pace that suits your business.

• Secured WFA (Work from Anywhere) Access: How and where people work has changed – at home, in a coffee shop or from the office are all now normal. User access must consider any possibility for all users and ensure fast and secure access to resources and applications, with a security layer that follows the user and automatically adapts to their changing environment.

• Adopt a single policy framework: Teams do not want to switch between multiple consoles to manage policies; it’s complex and introduces unnecessary configuration risks should a radio button or option get missed in configuration. SASE solutions should offer common policy frameworks, allowing a single policy to be applied to multiple devices, locations and resources at once. This simplifies management and can reduce the risk of configuration errors.

• User segmentation based on Zero-Trust: In the last two years there has been a shift in working practices for users, with demands for flexible and always available access. It is essential to maintain consistent security in this environment. Only consider solutions that can deliver dynamic security policies which understand changing contextual risk profiles and adapt instantly as users connect to resources.

• Security Assurance: Managing security can be complex, which a SASE architecture looks to simplify by considering needs to the network edge. Security assurance provides the next level of confidence as security teams design, modify and update policies by flagging duplicate settings, possible errors or shadow configurations before they are committed. Changes can be created, approved and committed with confidence.

• Integration with Identity Providers: Protection to the network edge requires user management, and it is essential that any solution can integrate with your chosen identity provider to give visibility into what users are doing, when and where. This visibility provides invaluable data about application usage and data insights to assist in defining effective security policies for traffic traversing the corporate network. 

Changes to How People Work are Here to Stay 

Work From Anywhere is now ‘business as usual.’ Users expect to have always-on access to the resources they need to be effective, and this must be reliable and fast – with no impact on their experience. To deliver this you need a network that just works, always providing seamless and reliable access – ideally, users should not even be aware of the network or any of the dynamic security changes that keep them successful. When done correctly, this is what a SASE architecture promises, and it is certainly a bright spot for the future of security. 

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Endpoint Security

Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.